Add report to source_document meta #913
Conversation
JimFuller-RedHat
force-pushed
the
add-quality-report
branch
from
1f7b09b
to
2306736
Compare
Also collocate the test for each tool in the same file. This should make it easier to find and work on each tool individually
JimFuller-RedHat
force-pushed
the
add-quality-report
branch
from
2306736
to
361afbc
Compare
|
I think the idea is good. But what I don't like is that we now have two "reports". One from sbomsleuth, the other existing report. And that we seem to have two different ways dealing with them. I'd prefer if we could merge the sbomsleuth report and the |
|
sure one thing better then two ;) The importer run report does not currently work on any sboms uploaded via rest api (or maybe I missed it?) ... I was hoping to get some direction on unifying on that axis as well. Also - do we want to 'bake in' heuristics on reports in trustify or push that to some calling client to decide (and maintain) ? Sounds like we need to discuss further. |
|
|
|
🤣 Let's have a chat. |
Generate sbomsleuth report when ingesting sbom which fixes #896
We will need to discuss where this report data is exposed .. possibly on api/v1/sbom endpoints ?